package com.cj.config;

import com.cj.Service.DeptService;
import com.cj.ServiceImpl.MyAuthenctiationFailureHandler;
import com.cj.ServiceImpl.MyAuthenctiationSucessHandler;
import com.cj.ServiceImpl.UserDetail;
import com.cj.pojo.DeptPojo;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.Authentication;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;

@Configuration
@EnableWebSecurity
public class Securityconfig extends WebSecurityConfigurerAdapter {

	@Autowired
	private UserDetail userDetail;
	@Autowired
	private MyAuthenctiationFailureHandler myAuthenctiationFailureHandler;
	@Autowired
	private MyAuthenctiationSucessHandler myAuthenctiationSucessHandler;

	@Bean
	public BCryptPasswordEncoder bCryptPasswordEncoder() {
		return new BCryptPasswordEncoder();
	}

	@Autowired
	DeptService deptService;

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.authorizeRequests()
				.antMatchers("/css/**", "/js/**", "/image/**", "/bower_components/**", "/build/**", "/dist/**",
						"/plugins/**", "/login", "/user/login.do", "/index")
				.permitAll()
				.antMatchers("/dept/**").hasAnyRole("ALL")
				.antMatchers("/user/**").hasAnyRole("ALL");
		// 获取部门信息  角色中必须包含部门id才可以访问
		List<DeptPojo>  depteList = deptService.queryDpetByPojo(new DeptPojo());
		for (DeptPojo deptPojo: depteList) {
			http.authorizeRequests().antMatchers("/emp/index/"+deptPojo.getId()).hasAnyRole(deptPojo.getId().toString()+",ALL");
		}
		http.authorizeRequests().antMatchers("/log/**").hasAnyRole("ALL")
				.antMatchers().hasAnyRole()
				.anyRequest().authenticated()
				.and().formLogin().loginPage("/login")
				.loginProcessingUrl("/login.do").failureUrl("/index").defaultSuccessUrl("/starter")
				.failureHandler(myAuthenctiationFailureHandler).successHandler(myAuthenctiationSucessHandler).and()
				.csrf().disable();

	}

	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		auth.userDetailsService(userDetail);
	}
}
